How To Install Windows 11? How To Bypass the TPM Requirement and Install the Windows 11 https://youtu.be/jWXkYKnjJ2w
VulnHub — VulnCMS:1 Walkthrough https://infosecwriteups.com/vulnhub-vulncms-1-walkthrough-d4f8a071e61?source=rss----7b722bfd1b8d---4
Medium
VulnHub — VulnCMS:1 Walkthrough
VulnCMS:1 is an easy level, Mr. Robot themed boot2root CTF challenge where you have to enumerate the box , find the CMS version, and…
VulnHub — Hacksudo: ProximaCentauri Walkthrough https://infosecwriteups.com/vulnhub-hacksudo-proximacentauri-walkthrough-327aff6acfb6?source=rss----7b722bfd1b8d---4
Medium
VulnHub — Hacksudo: ProximaCentauri Walkthrough
VulnHub — Hacksudo:ProximaCentauri is a medium level boot2root challenge where you have to enumerate the machine thoroughly and exploit a…
Criptógrafos vulneran el protocolo de cifrado de Telegram https://unaaldia.hispasec.com/2021/07/criptografos-vulneran-el-protocolo-de-cifrado-de-telegram.html/
Una al Día
Criptógrafos vulneran el protocolo de cifrado de Telegram
Un grupo de criptógrafos internacionales descubrieron cuatro vulnerabilidades asociadas al protocolo de cifrado de Telegram.
📃 "Herramientas ingeniería inversa" https://blog.elhacker.net/2021/05/herramientas-ingenieria-inversa.html
🛠 x64dbg https://x64dbg.com
🛠 WinDbg https://docs.microsoft.com/en-us/windows-hardware/drivers/debugger/
🛠 IDA Disassembler https://www.hex-rays.com/products/ida/
🛠 Radare2 https://rada.re/
🛠 GHIDRA https://ghidra-sre.org/
🛠 Binary Ninja https://binary.ninja/
🛠 Detect it Easy (DiE) https://ntinfo.biz/
🛠 ExeInfoPE https://exeinfo-pe.en.uptodown.com/
🛠 HIEW http://www.hiew.ru/
🛠 Pestudio https://www.winitor.com/
🛠 PE-bear https://hshrzd.wordpress.com/pe-bear/
🛠 Fakenet-NG https://github.com/fireeye/flare-fakenet-ng
🛠 ProcessExplorar https://docs.microsoft.com/en-us/sysinternals/downloads/process-explorer
🛠 RegShot https://sourceforge.net/projects/regshot/
🛠 RCPView https://docs.microsoft.com/en-us/sysinternals/downloads/tcpview
🛠 Resource Hacker http://www.angusj.com/resourcehacker/
🛠 Process Hacker https://github.com/processhacker/processhacker
https://t.me/Pen7esting
🛠 x64dbg https://x64dbg.com
🛠 WinDbg https://docs.microsoft.com/en-us/windows-hardware/drivers/debugger/
🛠 IDA Disassembler https://www.hex-rays.com/products/ida/
🛠 Radare2 https://rada.re/
🛠 GHIDRA https://ghidra-sre.org/
🛠 Binary Ninja https://binary.ninja/
🛠 Detect it Easy (DiE) https://ntinfo.biz/
🛠 ExeInfoPE https://exeinfo-pe.en.uptodown.com/
🛠 HIEW http://www.hiew.ru/
🛠 Pestudio https://www.winitor.com/
🛠 PE-bear https://hshrzd.wordpress.com/pe-bear/
🛠 Fakenet-NG https://github.com/fireeye/flare-fakenet-ng
🛠 ProcessExplorar https://docs.microsoft.com/en-us/sysinternals/downloads/process-explorer
🛠 RegShot https://sourceforge.net/projects/regshot/
🛠 RCPView https://docs.microsoft.com/en-us/sysinternals/downloads/tcpview
🛠 Resource Hacker http://www.angusj.com/resourcehacker/
🛠 Process Hacker https://github.com/processhacker/processhacker
https://t.me/Pen7esting
Blog elhacker.NET
Herramientas ingeniería inversa: análisis de malware estático y dinámico
Blog sobre informática, tecnología y seguridad con manuales, tutoriales y documentación sobre herramientas y programas
Proxy para telegram.
El proxy genera un chat en tu lista de chats mientras activas el proxy, una vez se deshabilita este desaparece.
https://t.me/proxy?server=www.co.in.Allow--Deny.dynu.com..&port=443&secret=3fQ1mpsyX_HR5QhN8OD3U3s
El proxy genera un chat en tu lista de chats mientras activas el proxy, una vez se deshabilita este desaparece.
https://t.me/proxy?server=www.co.in.Allow--Deny.dynu.com..&port=443&secret=3fQ1mpsyX_HR5QhN8OD3U3s
cve-2021-33909
#exploit
CVE-2021-33909:
Sequoia - A LPE Vulnerability in Linux’s Filesystem Layer (CVE-2021-33909)
https://www.qualys.com/2021/07/20/cve-2021-33909/sequoia-local-privilege-escalation-linux.txt
// Tested on Ubuntu, Debian, Fedora
#exploit
CVE-2021-33909:
Sequoia - A LPE Vulnerability in Linux’s Filesystem Layer (CVE-2021-33909)
https://www.qualys.com/2021/07/20/cve-2021-33909/sequoia-local-privilege-escalation-linux.txt
// Tested on Ubuntu, Debian, Fedora
Hacktivity from thoger
CVE\-2021\-22925: TELNET stack contents disclosure again
https://hackerone.com/reports/1223882
CVE\-2021\-22925: TELNET stack contents disclosure again
https://hackerone.com/reports/1223882
HackerOne
curl disclosed on HackerOne: CVE-2021-22925: TELNET stack contents...
## Summary:
CVE-2021-22898: TELNET stack contents disclosure (#1176461) issue was recently reported for curl and it was addressed in curl...
CVE-2021-22898: TELNET stack contents disclosure (#1176461) issue was recently reported for curl and it was addressed in curl...
Nuevo bug del kernel de Linux permite obtener root
https://blog.segu-info.com.ar/2021/07/nuevo-bug-del-kernel-de-linux-permite.html
https://blog.segu-info.com.ar/2021/07/nuevo-bug-del-kernel-de-linux-permite.html
Segu-Info - Ciberseguridad desde 2000
Sequoia: nuevo bug del kernel de Linux permite obtener root
Vulnerabilidad de librería Archive_Tar de PEAR en Drupal
Fecha de publicación: 22/07/2021
Importancia: 5 - Crítica
Recursos afectados:
Librería Archive_Tar de Drupal.
Descripción:
Drew Webber, del equipo de seguridad de Drupal, ha reportado una vulnerabilidad de severidad crítica, que podría permitir a un atacante utilizar la librería para extraer archivos que provengan de fuentes no confiables.
Solución:
Instalar la última versión:
Drupal 9.2, actualizar a Drupal 9.2.2;
Drupal 9.1, actualizar a Drupal 9.1.11;
Drupal 8.9, actualizar a Drupal 8.9.17;
Drupal 7, actualizar a Drupal 7.82.
Las versiones de Drupal 8, anteriores a la 8.9.x, y de Drupal 9, anteriores a la 9.1.x, finalizan su ciclo de vida.
https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/vulnerabilidad-libreria-archivetar-pear-drupal
Fecha de publicación: 22/07/2021
Importancia: 5 - Crítica
Recursos afectados:
Librería Archive_Tar de Drupal.
Descripción:
Drew Webber, del equipo de seguridad de Drupal, ha reportado una vulnerabilidad de severidad crítica, que podría permitir a un atacante utilizar la librería para extraer archivos que provengan de fuentes no confiables.
Solución:
Instalar la última versión:
Drupal 9.2, actualizar a Drupal 9.2.2;
Drupal 9.1, actualizar a Drupal 9.1.11;
Drupal 8.9, actualizar a Drupal 8.9.17;
Drupal 7, actualizar a Drupal 7.82.
Las versiones de Drupal 8, anteriores a la 8.9.x, y de Drupal 9, anteriores a la 9.1.x, finalizan su ciclo de vida.
https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/vulnerabilidad-libreria-archivetar-pear-drupal
INCIBE-CERT
Vulnerabilidad de librería Archive_Tar de PEAR en Drupal
Drew Webber, del equipo de seguridad de Drupal, ha reportado una vulnerabilidad de severidad crítica, que podría permitir a un atacante utilizar la librería para extraer archivos que provengan de
Proxy para telegram.
El proxy puede generar un chat en tu lista de chats mientras activas el proxy, una vez se deshabilita este desaparece.
⚔🛡☣ Comunidad Anonimo501 💻📱🖥
https://t.me/Pen7esting
https://t.me/proxy?server=czO6XVdmEke.GDC-98wfdauC-xG.v3fzrvyaZy0KRHvFq.VIKeOVg32Jr8vgGOS2ZY66eNAe3Ce7JTcpA-bw85JL-mw.tk&port=443&secret=3fQ1mpsyX_HR5QhN8OD3U3s
El proxy puede generar un chat en tu lista de chats mientras activas el proxy, una vez se deshabilita este desaparece.
⚔🛡☣ Comunidad Anonimo501 💻📱🖥
https://t.me/Pen7esting
https://t.me/proxy?server=czO6XVdmEke.GDC-98wfdauC-xG.v3fzrvyaZy0KRHvFq.VIKeOVg32Jr8vgGOS2ZY66eNAe3Ce7JTcpA-bw85JL-mw.tk&port=443&secret=3fQ1mpsyX_HR5QhN8OD3U3s
Forwarded from Geek girl 👩💻
Awesome articles on Shodan, Github and Google Dorking By @securitytrails
might help you in Bug Hunting, give them a read.
مقالات عالی در مورد شودان ، گیتهاب و گوگل دورک ، ممکنه در فرآیند شکار باگ براتون مفید باشه ! 🤩
Shodan:-
https://securitytrails.com/blog/top-shodan-dorks
Github:-
https://securitytrails.com/blog/github-dorks
Google:-
https://securitytrails.com/blog/google-hacking-techniques
●▬۩❁ @geeekgirls ❁۩▬●
#bugbountytips #infosec
might help you in Bug Hunting, give them a read.
مقالات عالی در مورد شودان ، گیتهاب و گوگل دورک ، ممکنه در فرآیند شکار باگ براتون مفید باشه ! 🤩
Shodan:-
https://securitytrails.com/blog/top-shodan-dorks
Github:-
https://securitytrails.com/blog/github-dorks
Google:-
https://securitytrails.com/blog/google-hacking-techniques
●▬۩❁ @geeekgirls ❁۩▬●
#bugbountytips #infosec
Fortinet corrige un error que permite a usuarios no autenticados ejecutar código como root
https://blog.segu-info.com.ar/2021/07/fortinet-corrige-un-error-que-permite.html
https://blog.segu-info.com.ar/2021/07/fortinet-corrige-un-error-que-permite.html
Wireless Penetration Testing: PMKID Attack (EN)
https://www.hackingarticles.in/wireless-penetration-testing-pmkid-attack/
https://www.hackingarticles.in/wireless-penetration-testing-pmkid-attack/
Hacking Articles
Wireless Penetration Testing: PMKID Attack
Learn how to perform a PMKID attack using hcxdumptool and Hashcat to crack WPA/WPA2 passwords in wireless penetration testing environments.
VulnHub: https://vulnhub.com/
OverTheWire: https://overthewire.org/
Root-Me: https://root-me.org/
HackThisSite: https://hackthissite.org/
PicoCTF: https://picoctf.com/
Tryhackme: https://tryhackme.com/
CryptoHack: https://cryptohack.org/
offensive-security: https://www.offensive-security.com/labs/individual/
Web security academy: https://portswigger.net/web-security
HackTheBox: academy https://academy.hackthebox.eu/
ZeroPointSecurity: https://www.zeropointsecurity.co.uk/
Game Hacking Academy: https://gamehacking.academy/about
HackTricks: https://book.hacktricks.xyz/
CyberDefenders: https://cyberdefenders.org/labs/
OverTheWire: https://overthewire.org/
Root-Me: https://root-me.org/
HackThisSite: https://hackthissite.org/
PicoCTF: https://picoctf.com/
Tryhackme: https://tryhackme.com/
CryptoHack: https://cryptohack.org/
offensive-security: https://www.offensive-security.com/labs/individual/
Web security academy: https://portswigger.net/web-security
HackTheBox: academy https://academy.hackthebox.eu/
ZeroPointSecurity: https://www.zeropointsecurity.co.uk/
Game Hacking Academy: https://gamehacking.academy/about
HackTricks: https://book.hacktricks.xyz/
CyberDefenders: https://cyberdefenders.org/labs/
Vulnhub
Vulnerable By Design ~ VulnHub
VulnHub provides materials allowing anyone to gain practical hands-on experience with digital security, computer applications and network administration tasks.
Juumla: Identificar y escanear la versión, archivos de configuración en el CMS #Joomla! 🧐
https://github.com/oppsec/juumla?_unique_id=60fb34697f3a3
https://github.com/oppsec/juumla?_unique_id=60fb34697f3a3
GitHub
GitHub - oppsec/juumla: 🦁 Juumla is a python tool created to identify Joomla version, scan for vulnerabilities and search for config…
🦁 Juumla is a python tool created to identify Joomla version, scan for vulnerabilities and search for config files. - GitHub - oppsec/juumla: 🦁 Juumla is a python tool created to identify Joomla ve...
para jugar con algo sencillo el finde:
https://telegra.ph/How-to-hack-windows-10-with-an-image-07-21
https://telegra.ph/How-to-hack-windows-10-with-an-image-07-21
Telegraph
How to hack windows 10 with an image
Today we will learn how to hack windows 10 with an image manually with Metasploit and WinRAR. I know from the name the hack might seem difficult but in reality, hacking windows with an image is very easy and straight forward. seeing how dangerous it is. Anyone…